View Issue Details

IDProjectCategoryView StatusLast Update
0023954mantisbtapi restpublic2018-02-10 15:36
ReportervboctorAssigned Tovboctor 
PrioritynormalSeverityminorReproducibilitysometimes
Status closedResolutionfixed 
Product Version2.11.0 
Target Version2.11.1Fixed in Version2.11.1 
Summary0023954: REST API doesn't work from UI for some users
Description

The newer user have cookie strings of length 64, but for users created by old releases, the cookie length is 32. There was an optimization check that checked the length to make sure it is 64 before querying the database. This check should be removed. Saving a query in case of access denied is not worth it anyways.

TagsNo tags attached.

Activities

vboctor

vboctor

2018-02-09 00:48

manager   ~0058807

I discovered this by noticing that for such users the Snippets row doesn't show an error shows in the console.

atrol

atrol

2018-02-09 08:05

developer   ~0058809

PR https://github.com/mantisbt/mantisbt/pull/1288

Related Changesets

MantisBT: master-2.11 29c4074d

2018-02-09 00:45:41

vboctor

Details Diff
Fix REST API cookie auth for users with 32 char cookies

Fixes 0023954
Affected Issues
0023954
mod - core/authentication_api.php Diff File
mod - core/constant_inc.php Diff File

Issue History

Date Modified Username Field Change
2018-02-09 00:44 vboctor New Issue
2018-02-09 00:44 vboctor Status new => assigned
2018-02-09 00:44 vboctor Assigned To => vboctor
2018-02-09 00:48 vboctor Note Added: 0058807
2018-02-09 08:05 atrol Note Added: 0058809
2018-02-09 16:07 vboctor Changeset attached => MantisBT master-2.11 29c4074d
2018-02-09 16:07 vboctor Status assigned => resolved
2018-02-09 16:07 vboctor Resolution open => fixed
2018-02-10 10:17 atrol Fixed in Version => 2.11.1
2018-02-10 15:36 vboctor Status resolved => closed